Lucene search
Ubuntu.comUB:CVE-2012-1162HistoryJul 12, 2012 - 12:00 a.m.
CVE-2012-1162
2012-07-1200:00:00
ubuntu.com
ubuntu.com
6
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.015 Low
EPSS
Percentile
86.7%
Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in
libzip 0.10 allows remote attackers to cause a denial of service
(application crash) and possibly execute arbitrary code via a zip archive
with the number of directories set to 0, related to an βincorrect loop
construct.β
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | only 0.10 affected http://hg.nih.at/libzip/?cs=de747816d94c introduced the problem |
Related
cve
cve
CVE-2012-1162
2012-07-12 20:55:00
prion
prion
Heap overflow
2012-07-12 20:55:00
debiancve
debiancve
CVE-2012-1162
2012-07-12 20:55:00
seebug
seebug
nessus
nessus
GLSA-201203-23 : libzip: Multiple vulnerabilities
2012-06-21 00:00:00
Mandriva Linux Security Advisory : libzip (MDVSA-2012:034)
2012-03-23 00:00:00
Fedora 17 : libzip-0.10.1-1.fc17 (2012-4485)
2012-04-12 00:00:00
securityvulns
securityvulns
libzip securitty vulnerabilities
2012-04-02 00:00:00
[PRE-SA-2012-02] Incorrect loop construct and numeric overflow in libzip
2012-04-02 00:00:00
[ MDVSA-2012:034 ] libzip
2012-03-25 00:00:00
openvas
openvas
Mandriva Update for libzip MDVSA-2012:034 (libzip)
2012-08-03 00:00:00
Gentoo Security Advisory GLSA 201203-23 (libzip)
2012-04-30 00:00:00
Mandriva Update for libzip MDVSA-2012:034 (libzip)
2012-08-03 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: libzip-0.10.1-1.fc17
2012-04-12 02:48:29
gentoo
gentoo
libzip: Multiple vulnerabilities
2012-03-29 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.015 Low
EPSS
Percentile
86.7%
Related for UB:CVE-2012-1162